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- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on 22 November 2004 . 
2a)[3 This action is FINAL. 2b)n This action is non-final. 
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DETAILED ACTION 
Response to Arguments 

1. In response to communications filed on 1 1/22/2004, Applicant cancels claims 148-164 
and adds claims 165-181. The following claims 107-147 and 165-181 are presented for 
examination. 

2. In response to Applicant's remarks, pages 1 3-22, filed on 1 1/22/2004, the objection to the 
figure 1 has been withdrawn in view of the amendment to the drawing received 5/3/2004. In 
view of the amendment claims 148-164 have been cancelled and the 101 rejection has been 
withdrawn. Applicant's discussion about the 112 rejection of claims 107, 131, 148 and 125, 145, 
and 162 have been considered but Applicant fails to show the support of the claimed invention as 
claimed. For example, the specification on page 12, lines 12-19 and figure 4 cited by applicant 
does not show support creating a socket associated with the first connection and the first securitv 
token if none of the security associated tokens match. The disclosure recites "the attempted 
connection (first connection) is put on the list of currently open sockets. This section of the 
disclosure is a description to figure 4; and figure 4 does not show any step of "creating a socket 
associated with the first connection and the first security token". Step 470 mentions "Put 
connection on the Ust of currently open sockets". Examiner respectfully disagrees with 
Applicant's argument because figure 4 or the specification on page 12, lines 12-19 does not show 
enough support as to reasonably convey to one skilled in the relevant art that the inventor(s), at 
the time the application was filed, had possession of the claimed invention reciting: if none of the 
security associated tokens match creating a socket associated with the first connection and the 
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first security token. Examiner requests further clarification from Applicant. Therefore, claims 
107, 131, 148 and 125, 145, and 165, 179 and the intervening claims are rejected under 35 
U.S.C. 1 12, first paragraph. 

As per claims 120 and 140, Bagwat discloses the claimed limitation as claimed. In 
response to applicant's argument that the references fail to show certain features of applicant's 
invention, it is noted that the features upon which appUcant relies (i.e., the proxy initiates 
connection to the chent) is not recited in the rejected claim(s). Although the claims are 
interpreted in light of the specification, limitations from the specification are not read into the 
claims. See In re Van Geuns, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993), Therefore 
claims 120 and 140 and the intervening claims still remain rejected in view of Bagwat. 

Regarding claims 128-130, Applicant argues that the references do not disclose the 
claimed protocol daemon. The rejection of claims 128-130 is clearly rewritten as requested by 
applicant to show that these claims are obvious in view of Crichton and the claimed protocol 
daemon is disclosed. Crichton discloses one end proxy could provide both client and server end 
proxy functionality (column 5, lines 41-45). This means if the first program represents an 
application server an in-bound connection is created "a server end-proxy can connect to an inside 
X-Windows system server and a middle proxy" (column 5, lines 32-35). AppHcant discloses the 
same (on page 9, lines 9-15) program 135 (first program) requires an in-bound connection (e.g. 
where program 135 is an appHcation server) . . . such functionality is provided by a daemon 
running on computer 105. Regarding claims 165-181, appUcant states (page 15) that the claims 
contain no language that limits the scope of the claims beyond that previously presented and the 
claims were amended for formal modifications to overcome the 101 rejection. Therefore, 
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Examiner maintains the same 102 rejection as being anticipated by Bagwat since claims 148-164 
previously presented are equivalent to 165-181 respectively. For at least the reasons cited above, 
Applicant has not overcome the rejections of claims 107-147 and 165-181. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the first paragraph of 35 U.S. C. 112: 

The specification shall contain a written description of the invention, and of the manner 
and process of making and using it, in such full, clear, concise, and exact terms as to 
enable any person skilled in the art to which it pertains, or with which it is most nearly 
connected, to make and use the same and shall set forth the best mode contemplated by 
the inventor of carrying out his invention. 

3,1 Claims 107, 131, 148 and 125, 145, and 165, 179 and the intervening claims are rejected 
under 35 U.S. C. 112, first paragraph, as failing to comply with the written description 
requirement. The claim contains subject matter, which was not described in the specification in 
such a way as to reasonably convey to one skilled in the relevant art that the inventor(s), at the 
time the application was filed, had possession of the claimed invention. The Applicant fails to 
recite creating a socket associated with the first connection and the first security token if none of 
the security associated tokens match. The specification, on the other hand, describes that 
connection is disconnected or remains open. 

Claim Rejections - 35 USC §102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the apphcant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), (2), and 
(4) of section 371(c) of this title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre- AIPA 
35 U.S.C. 102(e)). 

4. 1 Claims 107-127 and 131-148 are rejected under 35 U.S.C. 102(e) as being anticipated by 
US Patent 5,941,988 to Bhagwat et aL. 

4.2 As per claims 107-108, 131-132, and 148, Bhagwat et aL discloses a method 
comprising providing one socket for each end connection wherein each socket has associated 
address, port number, sequence space and sequence number and checksum (see column 3, line 
45 through column 4, line 17 see abstract) that meets the recitation of associated security token; 
so the disclosure above meets the recitation of providing a plurality of sockets, wherein each 
socket has an associated connection and an associated security token; Bhagwat et al also 
discloses a proxy receives connection from the client and exchanges authentication information, 
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for example (see column 7, lines 10-25) also the client sends the associated security token as 
discussed above to establish connection (see column 3, line 45 through column 4, line 17 column 
6, lines 35-43; column 7, lines 45-67) that meets the recitation of receiving a first connection and 
a first security token; Bhagwat et al also discloses checking the authentication test (column 7, 
lines 12-25) and discloses a mapping process that includes comparing the security token of the 
client to associated security tokens also discloses matching port numbers or addresses that meets 
the recitation of comparing the first security token with the associated security tokens, for 
example (column 6, lines 35-43; and column 7, line 55 through column 8, line 24; see also 
column 4, lines 22-37); Bhagwat et al further discloses in one embodiment that if authentication 
fails the socket returns to Hsten state (column 7, lines 13-24); also discloses a new socket B is 
created and the proxy process is performed to associate with the first connection and the first 
security token (column 7, lines 33-56 and figure 6) that meets the recitation of creating a socket 
associated with the first connection and the first security token (see also column 4, lines 31-37). 

As per claims 109, 111, 133, 135, Bhagwat et al. discloses the limitation of further 
comprising: in response to said comparing, if the first security token and a security token 
associated with one of the plurality of sockets match, coupling the first connection to the 
connection associated with the socket, for example (see column 5, lines 5-20). 

As per claims 110, 134, Bhagwat et al. discloses the limitation of further comprising: in 
response to said comparing, if none of the associated security tokens match the first security 
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token, upon a determination that the first connection is not to be associated with a socket, 
disconnecting the first connection, for example (see column 12, lines 25-37). 

As per claims 112, 136, Bhagwat et al. discloses the limitation of wherein the coupling 
the first connection to the connection associated with the socket comprises: creating a single 
connection comprising the first connection and the connection associated with the socket, for 
example (see column 5, Hues 5-20 and column 7, lines 26-56). 

As per claims 113-114, 137-138, Bhagwat et al. discloses the limitation of further 
comprising: decoupling the first connection and the connection associated with the socket, 
wherein the decoupling occurs upon one of failure and disconnect of one of the first connection 
and the connection associated with the socket, for example (see column 12, lines 25-37 and 
column 9, line 55 et seq.). 

As per claims 115, 139, Bhagwat et al. discloses the limitation of wherein the first 
connection is transmitted through a first firewall program, for example (see column 1, lines 45- 
67 and column 5, lines 5-20). 

As per claim 116, Bhagwat et al. discloses a proxy that can create a connection that 
meets the recitation of the hmitation of wherein the first connection is created by a protocol 
daemon, for example (see column 7, lines 26-45). 
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As per claim 117, Bhagwat et aL discloses wherein a second connection connects the 
protocol daemon to a first program, and the protocol daemon couples the first connection to the 
second connection, for example (see column 7, Hnes 26-56). 

As per claim 118, Bhagwat et aL discloses wherein the protocol daemon relays a data 
stream between the first connection and the second connection, for example (see column 7, lines 
26-56). 

As per claim 119, Bhagwat et al. discloses wherein the first program provides the first 
security token, for example (see column 3, line 63 through column 4, line 8). 

As per claims 120 and 140, Bhagwat et aL discloses a method comprising: creating a 
first connection to a proxy that meets the recitation of first program (column 5, lines 5-10); 
receiving data 1 that meets the recitation of a first security token from the first program (column 
5, lines 1 8-20); creating a second connection to a telnet server that meets the recitation of relay 
program (column 5, line 15); providing the first security token to the relay program, for example 
(see column 5, Hnes 18-20); and upon successful creation of the second connection, coupling the 
first connection to the second connection, for example(column 5, lines 18-30). See also (see 
column 3, line 63 through column 4, line 8; and column 7, lines 26-45). 



Application/Control Number: 09/456,692 Page 9 

Art Unit: 2136 

As per claims 121 and 141, Bhagwat et al. discloses the limitation of wherein the 
second connection is transmitted through a firewall program, for example (see column 3, line 63 
through column 4, line 8; column 5, lines 5-40; and column 7, lines 26-45). 

As per claims 122 and 142, Bhagwat et al. discloses the Hmitation of further 
comprising: relaying a data stream between the first connection and the second connection, for 
example (see column 3, line 63 through column 4, line 8; column 5, lines 5-40 and column 7, 
lines 26-45). 

As per claims 123 and 143, Bhagwat et al. discloses the limitation of wherein the first 
security token is one of a password, a network address, and a verification string, for example (see 
column 3, line 63 through column 4, line 8; column 5, lines 5-40; and column 7, lines 26-45). 

As per claims 124 and 144, Bhagwat et al. discloses the limitation of further 
comprising: terminating the first connection and the second connection, for example (see column 
12, lines 25-37 and column 9, lines 55 et seq.). 

As per claims 125 and 145, Bhagwat et al. discloses the limitation of wherein the relay 
program compares the first security token with one or more security tokens associated with one 
or more corresponding connections, for example (column 7, lines 10-55 and column 8, lines 40 
et seq. and column 4, lines 22-37 and column 12, line 33-55); in response to said comparing, if 
the first security token and a security token associated with a corresponding connection match, 
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coupling the second connection to the connection associated with the matching security token, 
for example (see column 5, lines 5-20); and in response to said comparing, if none of the 
associated security tokens match the first security token, creating a socket associated with the 
second connection and the first security token, for example (column 7, lines 10-55 and column 8, 
lines 40 et seq. and column 4, lines 22-37 and column 12, line 33-55). See also column 3, line 
63 through column 4, line 7). 

As per claims 126 and 146, Bhagwat et al. discloses the limitation of wherein the 
connection associated with the matching security token is initiated by a second program, for 
example (see column 5, lines 5-20). 

As per claims 127 and 147, Bhagwat et al. discloses the limitation of wherein the relay 
program relays data between the second connection and the connection associated with the 
matching security token, for example (see column 3, line 63 through column 4, line 8; column 5, 
lines 5-40 and column 7, lines 26-45). 

Claims 165-173 are similar to the rejected claims 107-1 15 respectively except for 
incorporating the claimed methods into a computer program. Therefore, 107-1 15 are rejected on 
the same rationale as the rejection of claims 165-173. 
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Claims 174-181 contains the same claim limitations as the rejected claims 120-127 
respectively except for incorporating the claimed methods into a computer program. Therefore, 
174-181 are rejected on the same rationale as the rejection of claims 120-127. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 

5. 1 Claims 128-130 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 
Patent 5,941,988 to Bhagwat et aL in view of US Patent 6,104,716 to Crichton et aL. 

5.2 Claim 128 contains the same limitations as claim 120 except for using a protocol daemon 
to create both connections. Bhagwat et al discloses a proxy that meets the recitation of protocol 
daemon and discloses all the limitations of claim 120 except for initiating the first connection to 
the cHent. Crichton et aL in an analogous art teaches the limitation of claim 120 by using a 
client proxy for communicating with a client and with a middle proxy and coupling the 
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connections to provide end-to-end connections through firewalls (column 2, lines 26-52). 
Crichton et al also discloses the client and the proxy can reside on the same machine (column 6, 
lines 15-24). Crichton et al also discloses that the functionality of end proxies that meets the 
recitation of protocol daemon can be increased to allow for other protocols and services, for 
example one end proxy could provide both client and server end proxy functionality (column 5, 
lines 41-45). Therefore, it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify the proxy or protocol daemon disclosed in Bhagwat et al. to 
provide a protocol daemon program that does the creating the first connection as well as the 
second connection thus increasing the functionality of end proxy to allow for other protocols and 
services as sugggested by Crichton et al This modification would have been obvious because 
one skilled in the art would have been motivated by the suggestions provided by Crichton et al. 
so as to increase the functionality of end proxy to allow for other protocols and services, for 
example (see column 5, lines 41-45). 

Conclusion 

6. THIS ACTION IS MADE FINAL. AppHcant is reminded of the extension of time 

policy as set forth in 37 CFR 1, 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

6. 1 The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. US Patents 6,308,238 Smith et al. 5,944,823 Jade et al. 

These patents pertain to comparing security token with associated security tokens to 
determine whether or not connection should be established. Many of the claimed features are 
disclosed in these references. 

6.2 Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 571-272-3862. The 
examiner can normally be reached on Monday through Thursday and every other Friday, 8:00- 



If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 



6:30 PM. 



Patent Examiner 



Carl Colin 




February 17, 2005 
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